$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa File: A6A53FA2D67E11EEAA2CA218C4F9AE02.roa (raw, json) Hash identifier: vd/2YU/fZHY0X+88OePyC1GrfRf3guoIzxWdo48FOwA= Subject key identifier: 60:26:51:4E:B2:E0:31:83:CF:E6:84:65:78:C8:FC:BF:BC:F7:9D:AD Certificate issuer: /CN=A91BC966/serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248 Certificate serial: 0C21 Authority key identifier: B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa Signing time: Thu 12 Jun 2025 18:53:00 +0000 ROA not before: Thu 12 Jun 2025 18:53:00 +0000 ROA not after: Sat 31 Jan 2026 00:00:00 +0000 asID: 38565 IP address blocks: 36.252.0.0/15 maxlen: 23 36.253.19.0/24 maxlen: 24 36.253.26.0/24 maxlen: 24 43.243.96.0/22 maxlen: 24 49.126.0.0/16 maxlen: 20 103.38.196.0/22 maxlen: 24 116.68.208.0/21 maxlen: 24 2400:9500::/32 maxlen: 32 2400:9500:4000::/36 maxlen: 44 2400:9500:6000::/36 maxlen: 44 2400:9500:8000::/36 maxlen: 44 2400:9500:c000::/36 maxlen: 44 2400:9500:e000::/36 maxlen: 44 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Jun 2025 18:34:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3105 (0xc21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BC966, serialNumber=B2A25DDE1A9EC91B59986A532F78835436183248 Validity Not Before: Jun 12 18:53:00 2025 GMT Not After : Jan 31 00:00:00 2026 GMT Subject: CN=684b220c-0022 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e8:18:81:ff:58:bf:55:40:d6:c6:2d:8e:8a: 3a:a8:3a:12:56:b3:04:3e:e7:16:83:4a:b0:1f:a0: 1d:8f:15:77:87:7f:e7:af:ad:2f:20:af:6e:87:c3: 30:32:1e:ec:59:a8:f8:a9:49:7f:bc:01:f4:18:c7: 01:15:00:a6:40:af:ba:34:6f:09:17:b0:b2:13:cc: e6:18:e1:51:1b:ae:a8:c1:3f:8e:71:25:e8:50:b4: 1d:f9:04:3f:a9:0d:01:53:db:46:95:57:b2:5d:7c: 8f:bb:c1:ec:82:f9:67:37:d5:b7:f2:68:3b:91:9d: 1e:23:11:19:78:94:33:ed:04:a3:35:21:87:8c:69: 65:0a:53:74:8e:8e:81:13:35:f6:6f:d9:be:7a:6e: ee:4f:e5:2a:8d:64:62:e4:f9:b2:4b:54:a0:d1:11: 7c:34:5d:09:2a:0a:ed:d9:cd:3a:76:a3:9f:f1:05: 93:a8:01:e7:dd:bf:7a:cb:a3:fa:e6:29:8d:63:13: f5:8f:2d:f9:fa:e9:ea:aa:18:04:ce:32:30:bc:4e: 2b:19:f5:ae:bd:cd:7c:5c:8d:7f:13:f1:2f:a7:12: 40:94:f0:43:3b:fe:a6:7b:a3:f2:0d:67:0e:57:d3: df:bc:c0:50:36:81:a5:9c:9f:27:ac:c3:b5:d0:9b: 24:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:26:51:4E:B2:E0:31:83:CF:E6:84:65:78:C8:FC:BF:BC:F7:9D:AD X509v3 Authority Key Identifier: keyid:B2:A2:5D:DE:1A:9E:C9:1B:59:98:6A:53:2F:78:83:54:36:18:32:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/sqJd3hqeyRtZmGpTL3iDVDYYMkg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sqJd3hqeyRtZmGpTL3iDVDYYMkg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC966/A1952BA21C1111EAB6C3C76DC4F9AE02/A6A53FA2D67E11EEAA2CA218C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 36.252.0.0/15 43.243.96.0/22 49.126.0.0/16 103.38.196.0/22 116.68.208.0/21 IPv6: 2400:9500::/32 Signature Algorithm: sha256WithRSAEncryption 9d:c4:94:05:11:05:b1:c8:cf:f1:cd:fc:c9:4b:fa:1a:ab:69: e4:12:fd:7e:eb:93:4b:07:c4:3e:db:c4:03:24:f1:83:fb:c4: db:52:27:2e:7c:30:11:d8:c5:91:88:5d:f8:e7:15:91:37:24: 21:38:ea:b5:d3:fa:98:46:83:c2:27:7e:45:39:8a:f1:38:4d: e3:5c:6e:a1:7e:c2:34:17:6c:6b:18:06:9d:5a:e9:d6:f4:10: cb:af:8b:ea:b8:82:05:1b:14:09:82:fa:eb:83:1c:58:56:ae: c3:cd:f7:52:42:e9:cb:aa:2c:11:03:95:88:7a:22:c3:b2:b7: cb:75:55:2f:35:2d:5c:e3:5b:3a:40:e6:22:f9:01:b6:8b:9f: 77:fb:a1:ab:c6:5e:d0:d5:46:d0:19:4b:1d:c3:af:4d:a2:01: 14:a7:50:1c:5b:5a:2b:a0:b7:1e:59:a9:5b:14:40:9b:c2:0c: 0e:ee:08:15:4b:5e:d0:bf:a4:f4:ae:23:73:13:40:b2:d7:43: aa:09:8e:bd:e8:21:61:85:d5:1d:38:30:db:c6:fb:ea:7e:6f: c3:48:61:f2:67:be:86:62:c0:1c:6e:16:33:78:4a:85:a1:2e: 99:27:95:b3:d0:6b:4e:9d:89:0e:6c:19:05:01:61:40:ae:05: 3e:0a:09:80 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgICDCEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkM5NjYxMTAvBgNVBAUTKEIyQTI1RERFMUE5RUM5MUI1OTk4NkE1MzJGNzg4MzU0 MzYxODMyNDgwHhcNMjUwNjEyMTg1MzAwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODRiMjIwYy0wMDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwegYgf9Yv1VA1sYtjoo6qDoSVrMEPucWg0qwH6AdjxV3h3/nr60vIK9uh8Mw Mh7sWaj4qUl/vAH0GMcBFQCmQK+6NG8JF7CyE8zmGOFRG66owT+OcSXoULQd+QQ/ qQ0BU9tGlVeyXXyPu8HsgvlnN9W38mg7kZ0eIxEZeJQz7QSjNSGHjGllClN0jo6B EzX2b9m+em7uT+UqjWRi5PmyS1Sg0RF8NF0JKgrt2c06dqOf8QWTqAHn3b96y6P6 5imNYxP1jy35+unqqhgEzjIwvE4rGfWuvc18XI1/E/EvpxJAlPBDO/6me6PyDWcO V9PfvMBQNoGlnJ8nrMO10JskHwIDAQABo4ICujCCArYwHQYDVR0OBBYEFGAmUU6y 4DGDz+aEZXjI/L+8952tMB8GA1UdIwQYMBaAFLKiXd4anskbWZhqUy94g1Q2GDJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzk2Ni9BMTk1MkJBMjFD MTExMUVBQjZDM0M3NkRDNEY5QUUwMi9zcUpkM2hxZXlSdFptR3BUTDNpRFZEWVlN a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NxSmQzaHFleVJ0Wm1HcFRMM2lEVkRZWU1rZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QkM5NjYvQTE5NTJCQTIxQzExMTFFQUI2QzNDNzZEQzRGOUFFMDIvQTZBNTNGQTJE NjdFMTFFRUFBMkNBMjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E NTAzMCIEAgABMBwDAwEk/AMEAivzYAMDADF+AwQCZybEAwQDdETQMA0EAgACMAcD BQAkAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQCdxJQFEQWxyM/xzfzJS/oaq2nkEv1+ 65NLB8Q+28QDJPGD+8TbUicufDAR2MWRiF345xWRNyQhOOq10/qYRoPCJ35FOYrx OE3jXG6hfsI0F2xrGAadWunW9BDLr4vquIIFGxQJgvrrgxxYVq7DzfdSQunLqiwR A5WIeiLDsrfLdVUvNS1c41s6QOYi+QG2i593+6Grxl7Q1UbQGUsdw69NogEUp1Ac W1oroLceWalbFECbwgwO7ggVS17Qv6T0riNzE0Cy10OqCY696CFhhdUdODDbxvvq fm/DSGHyZ76GYsAcbhYzeEqFoS6ZJ5Wz0GtOnYkObBkFAWFArgU+CgmA -----END CERTIFICATE-----Generated at Mon Jun 23 08:37:43 2025 by rpki-client